From 6ec1b34ee36cba67520261cec2dbbf3abf810a2f Mon Sep 17 00:00:00 2001
From: Tony BRIET <tony.briet@viacesi.fr>
Date: Wed, 24 Jan 2018 16:00:53 +0100
Subject: [PATCH] fix: prevent middleware infinite loops

---
 lib/templates/auth.middleware.js | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/lib/templates/auth.middleware.js b/lib/templates/auth.middleware.js
index d559e2e35..4d61d0bc9 100644
--- a/lib/templates/auth.middleware.js
+++ b/lib/templates/auth.middleware.js
@@ -7,19 +7,20 @@ middleware.auth = function authMiddleware ({ route, redirect, store }) {
     const guarded = options.guarded
 
     // Only apply the middleware to guarded routes
-    // and exclude redirected paths to hit the middleware again.
-    if (guarded && route.path !== '<%= options.redirect.notLoggedIn %>') {
+    if (guarded) {
       // Checking if guest redirection middleware is enabled
     <% if (options.redirect.guest) { %>
-        // Guest is redirected back to login page.
-        if (!store.getters['auth/loggedIn']) {
+        // Guest is redirected back to login page
+        // and excluding redirected paths from hitting the middleware again.
+        if (!store.getters['auth/loggedIn'] && route.path !== '<%= options.redirect.notLoggedIn %>') {
           return redirect('<%= options.redirect.notLoggedIn %>')
         }
 
         // Checking if user redirection middleware is enabled
       <% } if (options.redirect.user) { %>
         // Guest is redirected back to login page
-        if (store.getters['auth/loggedIn']) {
+        // and excluding redirected paths from hitting the middleware again.
+        if (store.getters['auth/loggedIn'] && route.path !== '<%= options.redirect.loggedIn %>') {
           return redirect('<%= options.redirect.loggedIn %>')
         }
       <% } %>